v1.1.6 Stable Release

🌍 v1.1.6 Stable Release

.github/workflows/codacy.yml

@@ -0,0 +1,60 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow checks out code, performs a Codacy security scan
+# and integrates the results with the
+# GitHub Advanced Security code scanning feature.  For more information on
+# the Codacy security scan action usage and parameters, see
+# https://github.com/codacy/codacy-analysis-cli-action.
+# For more information on Codacy Analysis CLI in general, see
+# https://github.com/codacy/codacy-analysis-cli.
+
+name: Codacy Security Scan
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '36 20 * * 2'
+
+permissions:
+  contents: read
+
+jobs:
+  codacy-security-scan:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+    name: Codacy Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout the repository to the GitHub Actions runner
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
+        with:
+          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
+          # You can also omit the token and run the tools that support default configurations
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          verbose: true
+          output: .codacy-scan
+          format: sarif
+          # Adjust severity of non-security issues
+          gh-code-scanning-compat: true
+          # Force 0 exit code to allow SARIF file generation
+          # This will handover control about PR rejection to the GitHub side
+          max-allowed-issues: 2147483647
+
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: .codacy-scan

.gitignore

@@ -1,12 +1,11 @@
 # Quickblaze Files
 .gitattributes
 .dccache
-.dccache
 
 # QuickBlaze Security
 local-storage
 Modules/Database.env
-Modules/InstallationStatus.json
+.config
 
 # QuickBlaze Composer
 vendor/

.version

@@ -1 +1 @@
-{ "BRANCH": "main", "VERSION":"1.1.5" }
+{ "BRANCH": "main", "VERSION":"1.1.6" }

Modules/Functions.php

@@ -22,36 +22,6 @@ function ifTextBoxDisabled()
         echo "disabled";
     }
 }
-function determineMessageContent()
-{
-    if (getRecord("encrypted_contents", htmlspecialchars($_GET["key"]), ENT_QUOTES, 'UTF-8') == null) {
-        header("Location: 404");
-    } else {
-        if (!isset($_GET["confirm"])) {
-            echo '
-            <h6>
-                ' . translate("Decrypt & View Message?", "en") . '
-            </h6>
-            <a class="btn btn-primary submit-button darkmode-ignore" href="?confirm&key=' . htmlspecialchars($_GET["key"]) . '">
-                ' . translate("View Message", "en") . '
-            </a>';
-        } else {
-            echo '
-            <h6>
-                ' . translate("This message has been destroyed!", "en") . '
-            </h6>
-            <textarea disabled type="text" class="form-control darkmode-ignore" id="linkbox" name="data">' . htmlspecialchars(decryptData(htmlspecialchars($_GET["key"]))) . '</textarea>
-            <br>
-            <button type="button" class="btn btn-primary submit-button darkmode-ignore" onclick="copyToClipboard(\'#linkbox\')">
-                ' . translate("Copy Message", "en") . '
-            </button>
-            <a class="btn btn-secondary submit-button darkmode-ignore" href="./">
-                ' . translate("Return Home", "en") . '
-            </a>';
-            destroyRecord(htmlspecialchars($_GET["key"], ENT_QUOTES, 'UTF-8')); // destroy record
-        }
-    }
-}
 function getSubmittedKey()
 {
     error_reporting(0); // disable error reporting
@@ -65,28 +35,6 @@ function getSubmittedKey()
     }
     error_reporting(E_ALL); // enable error reporting
 }
-function determineSubmissionFooter()
-{
-    if (isset($_GET["submitted"])) {
-        echo '
-        <br>
-        <p class="text-muted">
-            ' . translate("Share this link anywhere on the internet. The message will be automatically destroyed once viewed.", "en") . '
-        </p>
-        <button type="button" class="btn btn-primary submit-button darkmode-ignore" onclick="copyToClipboard(\'#linkbox\')">
-            ' . translate("Copy Link", "en") . '
-        </button>
-        <a class="btn btn-secondary submit-button darkmode-ignore" href="./">
-            ' . translate("Create New", "en") . '
-        </a>';
-    } else {
-        echo '
-        <br>
-        <button class="btn btn-primary submit-button darkmode-ignore" type="submit">
-            ' . translate("Generate Link", "en") . '
-        </button>';
-    }
-}
 function determineSystemVersion()
 {
     if (!file_exists("./.version")) {
@@ -96,10 +44,14 @@ function determineSystemVersion()
     }
     $thisVersion = json_decode(file_get_contents("./.version", true), true);
     $latestVersion = json_decode(file_get_contents("https://raw.githubusercontent.com/axtonprice-dev/quickblaze-encrypt/" . filter_var(htmlspecialchars($thisVersion["BRANCH"]), FILTER_SANITIZE_FULL_SPECIAL_CHARS) . "/.version?cacheUpdate=" . rand(0, 100), true), true);
-    if ($thisVersion["VERSION"] != $latestVersion["VERSION"]) {
-        return '<x style="color:red">v' . $thisVersion["VERSION"] . ' (Outdated!)</x>';
+    if ($thisVersion["BRANCH"] == "dev" && $thisVersion["VERSION"] != $latestVersion["VERSION"]) {
+        return '<x style="color:orange">v' . $thisVersion["VERSION"] . ' (' . translate("Unreleased") . '!)</x>';
     } else {
-        return 'v' . $thisVersion["VERSION"] . '';
+        if ($thisVersion["BRANCH"] == "main" && $thisVersion["VERSION"] != $latestVersion["VERSION"]) {
+            return '<x style="color:red">v' . $thisVersion["VERSION"] . ' (' . translate("Outdated") . '!)</x>';
+        } else {
+            return 'v' . $thisVersion["VERSION"] . '';
+        }
     }
 }
 function generateKey($length)
@@ -126,6 +78,10 @@ function decryptData($encryption_key) // getRecord("encrypted_contents", $dataKe
 function setupStorageMethod()
 {
     error_reporting(0); // disable error reporting
+    if(!file_exists("./.config")) { // Check if config file is present
+        touch("./.config"); // Create config file if not present
+        file_put_contents("./.config", '{ "STORAGE_METHOD": "mysql", "LANGUAGE": "auto" }'); // Set contents of new config file
+    }
     $configuration = json_decode(file_get_contents("./.config", true), true);
     if (strtolower($configuration["LANGUAGE"]) == "") {
         require "./Public/Error/ServerConfiguration.php"; // throw error page if no language is provided
@@ -185,8 +141,10 @@ function setupStorageMethod()
 }
 function insertRecord($encrypted_contents, $encryption_token)
 {
+    error_reporting(0);
     $configuration = json_decode(file_get_contents("./.config", true), true);
     $json = json_decode(file_get_contents("./Modules/Database.env", true), true);
+    if($_SERVER['HTTP_CF_CONNECTING_IP'] == "" || !isset($_SERVER['HTTP_CF_CONNECTING_IP'])) $_SERVER['HTTP_CF_CONNECTING_IP'] = $_SERVER["REMOTE_ADDR"];
     if (strtolower($configuration["STORAGE_METHOD"]) == "mysql") {
         $mysqli = new mysqli($json["HOSTNAME"], $json["USERNAME"], $json["PASSWORD"], $json["DATABASE"]);
         if ($mysqli->connect_errno) {
@@ -294,8 +252,9 @@ function getRecord($dataToFetch, $encryption_token)
 }
 
 /* Translation Feature */
-function translate($q, $sl)
+function translate($q)
 {
+    $sl = "en"; // Default language
     $configuration = json_decode(file_get_contents("./.config", true), true);
     if ($configuration["LANGUAGE"] == "auto") {
         $tl = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);

Public/Error/403.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="./Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Custom styles -->
@@ -118,8 +118,8 @@
 <body>
     <div class="lock"></div>
     <div class="message">
-        <h1><?= translate("Access to this page is restricted", "en") ?></h1>
-        <p style="text-align: center"><?= translate("Please check with the site admin if you believe this is a mistake.", "en") ?></p>
+        <h1><?= translate("Access to this page is restricted") ?></h1>
+        <p style="text-align: center"><?= translate("Please check with the site admin if you believe this is a mistake.") ?></p>
     </div>
 </body>
 

Public/Error/404.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="./Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Bootstrap core CSS -->
@@ -19,10 +19,10 @@
 
     <main class="form-submit">
         <h1>404</h1>
-        <h5 class="text-muted"><?= translate("This page does not exist. It was most likely removed!", "en") ?></h5>
+        <h5 class="text-muted"><?= translate("This page does not exist. It was most likely removed!") ?></h5>
 
         <br>
-        <a class="btn btn-primary submit-button darkmode-ignore" href="./"><?= translate("Return Home", "en") ?></a>
+        <a class="btn btn-primary submit-button darkmode-ignore" href="./"><?= translate("Return Home") ?></a>
 
         <p class="mt-5 mb-3 text-muted">
             <a href="https://github.com/axtonprice/quickblaze-encrypt" class="text-muted no-decoration">GitHub</a> •
@@ -36,7 +36,7 @@
     <script>
         function addDarkmodeWidget() {
             const options = {
-                time: '0.3s', // default: '0.3s'
+                time: '0.0s', // default: '0.3s'
                 saveInCookies: true, // default: true,
                 label: '🌓', // default: ''
             }

Public/Error/500.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="./Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Bootstrap core CSS -->
@@ -19,10 +19,10 @@
 
     <main class="form-submit">
         <h1>500</h1>
-        <h5 class="text-muted"><?= translate("An internal server error occurred. Please try again later!", "en") ?></h5>
+        <h5 class="text-muted"><?= translate("An internal server error occurred. Please try again later!") ?></h5>
 
         <br>
-        <a class="btn btn-primary submit-button darkmode-ignore" href="./"><?= translate("Return Home", "en") ?></a>
+        <a class="btn btn-primary submit-button darkmode-ignore" href="./"><?= translate("Return Home") ?></a>
 
         <p class="mt-5 mb-3 text-muted">
             <a href="https://github.com/axtonprice/quickblaze-encrypt" class="text-muted no-decoration">GitHub</a> •
@@ -36,7 +36,7 @@
     <script>
         function addDarkmodeWidget() {
             const options = {
-                time: '0.3s', // default: '0.3s'
+                time: '0.0s', // default: '0.3s'
                 saveInCookies: true, // default: true,
                 label: '🌓', // default: ''
             }

Public/Error/DatabaseConfig.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="./Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Bootstrap core CSS -->
@@ -18,11 +18,11 @@
 <body class="text-center">
 
     <main class="form-submit">
-        <h1><?= translate("Database Error", "en") ?></h1>
+        <h1><?= translate("Database Error") ?></h1>
         <br>
         <h5 class="text-muted">
-            <?= translate("You have not configured the database correctly!", "en") ?> <br><br>
-            <a style="text-decoration:none" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#installation" target="_blank"><?= translate("Please refer to the GitHub repository.", "en") ?></a>
+            <?= translate("You have not configured the database correctly!") ?> <br><br>
+            <a style="text-decoration:none" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#installation" target="_blank"><?= translate("Please refer to the GitHub repository.") ?></a>
         </h5>
 
         <p class="mt-5 mb-3 text-muted">
@@ -37,7 +37,7 @@
     <script>
         function addDarkmodeWidget() {
             const options = {
-                time: '0.3s', // default: '0.3s'
+                time: '0.0s', // default: '0.3s'
                 saveInCookies: true, // default: true,
                 label: '🌓', // default: ''
             }

Public/Error/DatabaseCredentials.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="./Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encryption message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Bootstrap core CSS -->
@@ -18,11 +18,11 @@
 <body class="text-center">
 
     <main class="form-submit">
-        <h1><?= translate("Database Error", "en") ?></h1>
+        <h1><?= translate("Database Error") ?></h1>
         <br>
         <h5 class="text-muted">
-            <?= translate("Failed to connect to the database using the connection credentials you have provided.", "en") ?> <br><br>
-            <a style="text-decoration:none" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#installation" target="_blank"><?= translate("Please refer to the GitHub repository.", "en") ?></a>
+            <?= translate("Failed to connect to the database using the connection credentials you have provided.") ?> <br><br>
+            <a style="text-decoration:none" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#installation" target="_blank"><?= translate("Please refer to the GitHub repository.") ?></a>
         </h5>
 
         <p class="mt-5 mb-3 text-muted">
@@ -37,7 +37,7 @@
     <script>
         function addDarkmodeWidget() {
             const options = {
-                time: '0.3s', // default: '0.3s'
+                time: '0.0s', // default: '0.3s'
                 saveInCookies: true, // default: true,
                 label: '🌓', // default: ''
             }

Public/Error/ServerConfiguration.php

@@ -5,7 +5,7 @@
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
     <link rel="icon" type="image/x-icon" href="../Public/assets/img/favicon.png">
-    <meta name="description" content="<?= translate("An extremely simple, one-time view encrypted message system. Send anybody passwords, or secret messages on a one-time view basis.", "en") ?>">
+    <meta name="description" content="<?= translate("An extremely simple, one-time view encrypted message system. Send anybody passwords, or secret messages on a one-time view basis.") ?>">
     <title>QuickBlaze</title>
 
     <!-- Site CSS -->
@@ -21,11 +21,11 @@
             <i class="fa-solid fa-triangle-exclamation fa-2xl darkmode-ignore errorCautionSymbol"></i>
         </div>
         <br>
-        <h1><?= translate("Configuration Error", "en") ?></h1>
+        <h1><?= translate("Configuration Error") ?></h1>
         <br>
         <h5 class="text-muted">
-            <?= translate("The system configuration is not present or has been misconfigured.", "en") ?> <br><br>
-            <a style="text-decoration:none" class="darkmode-ignore" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#configuration" target="_blank"><?= translate("Please refer to the GitHub repository.", "en") ?></a>
+            <?= translate("The system configuration is not present or has been misconfigured.") ?> <br><br>
+            <a style="text-decoration:none" class="darkmode-ignore" href="https://github.com/axtonprice-dev/quickblaze-encrypt/#configuration" target="_blank"><?= translate("Please refer to the GitHub repository.") ?></a>
         </h5>
 
         <p class="mt-5 mb-3 text-muted">
@@ -40,7 +40,7 @@
     <script>
         function addDarkmodeWidget() {
             const options = {
-                time: '0.3s', // default: '0.3s'
+                time: '0.0s', // default: '0.3s'
                 saveInCookies: true, // default: true,
                 label: '🌓', // default: ''
             }